Ransomware attack causes supermarket cheese shortage in the Netherlands

  • Company hit with ransomware was unable to deliver food to supermarkets
  • Firm’s director says he suspects hackers exploited Microsoft Exchange Server flaw

Shoppers at Dutch supermarkets may have noticed that some cheeses were in short supply last week, and it was cybercriminals who are to blame.

Branches of Albert Heijn, the largest supermarket chain in the Netherlands, suffered from food shortages after a ransomware attack hit food transportation and logistics firm Bakker Logistiek over the Easter holiday, causing the firm to shut off computer systems and resort to pen and paper.

Inevitably, this impacted shipments from Bakeer Logistiek’s warehouses, with deliveries from the company’s warehouses in Zeewolde, Tilburg and Heerenveen coming to a standstill, and shortages hitting branches of Albert Heijn.

Amongst the food types to be in short supply was prepackaged cheese, for which Albert Heijn apologised on its website.

With a little help from Google Translate, I’m able to decipher that statement from Albert Heijn as:

“Due to a technical malfunction, there is limited availability on prepackaged cheese. The logistics service provider is working hard to solve the problem as quickly as possible to quickly restore availability. We apologize for the inconvenience.”

Of course, the typical shopper isn’t likely to blame the transportation firm, or even the ransomware gang behind the attack. Foodies are most likely to be upset with the supermarket chain whose shelves aren’t fully stocked with cheeses, even though they’ve done nothing wrong.

One local media report, Bakker Logistiek director Toon Verhoeven suspected the attackers might have breached the company’s systems by exploiting the recently revealed flaw in Microsoft Exchange Server.

Verhoeven says that all of Bakker Logistiek’s IT systems are operational once more after six days of recovery, and that should mean that shops will begin to receive deliveries and shelves will be filled again in the coming days.

The company says that it has informed the authorities about the security breach, but is neither confirming or denying whether it paid any ransom to its attackers.

About the author


Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.